Recently, I was asked by our lead developer to look into security testing so that we can get a general idea about how secure the systems we develop really are. The idea was to first look into security testing in general, and then find a tool to scan a web application under development.